Skip to content

luxysiv/Cloudflare-Gateway-Pihole

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

890 Commits
.github/workflows
.github/workflows
 
 
docs
docs
 
 
lists
lists
 
 
src
src
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

CF_logo_stacked_whitetype

English | Việt Nam

New update

  • If you receive an email saying that the Github Action will be disabled, When it is disabled, you go to the Github Action and turn it on and it will work forever.

  • Major update, you can run cron every hour, no need to worry about losing blocking effect, no damage to Cloudflare Gateway server

  • You must delete the lists of other scripts.

  • Don't worry about the number of listings on Cloudflare Gateway, for example there are 132k domains but the number of listings can be 140

  • To add a separate white list inviting visit Cloudflare-Gateway-Allow

Pihole styled, but using Cloudflare Gateway

For Devs, Ops, and everyone who hates Ads.

Create your ad blocklist using Cloudflare Gateway.

Credit goes there

Thanks a lot to @nhubaotruong for his contributions.

Readme by @minlaxz.

Added dynamic domain filter (whitelist and blacklist) idea (please check ini files, as you may also need to modify those).

Added dynamic domain filter (whitelist and blacklist) to Actions variables (please check dynamic_blacklist.txt and dynamic_whitelist.txt. to know examples to add Value*).Use DYNAMIC_BLACKLIST and DYNAMIC_WHITELIST for Name* in Actions variables

Supported styles

https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt

or

[Ad-Urls]
Adguard = https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt

Custom URLs

  • Add to file:

    White list whitelist.ini and block list adlist.ini.

  • Add to GitHub Action variables:

    Name*

    ADLIST_URLS or WHITELIST_URLS.

    Value* URLs list

    Example:

    https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/light-onlydomains.txt

  • You should add your ad list and whitelist to Action variables. If you update your fork, your custom list will not be lost.

How to set this up?

  1. Fork this repository to your account.

  2. Grab your Cloudflare Account ID (found after https://dash.cloudflare.com/) from ➞ https://dash.cloudflare.com/?to=/:account/workers.

  3. Create your API Token from ➞ https://dash.cloudflare.com/profile/api-tokens with 3 permissions:

    1. Account.Zero Trust : Edit
    2. Account.Account Firewall Access Rules : Edit
    3. Account.Access: Apps and Policies : Edit

  4. Add Repository Secrets to your forked repository: ➞ https://github.com/<username>/<forked-repository>/settings/secrets/actions

    1. Set Cloudflare Account ID to CF_IDENTIFIER.
    2. Set API Token to CF_API_TOKEN.

How to set up using Termux?

To use this tool on the GOAT Termux, follow the steps below. If you are already familiar with setting up Python and the basics, you can skip this section.

Method 1:

  1. Open Termux and run the following commands one by one:
yes | pkg upgrade
yes | pkg install python-pip
yes | pkg install git
# Clone your forked repo #
git clone https://github.com/<username>/<repo-name>.git
  1. Navigate to the cloned repository folder:
cd <repo-name>
  1. Edit the .env file (required):
nano .env

After editing, press CTRL + X, then Y, and ENTER to save the file.

  1. Run the command to upload (update) your DNS list:
python -m src run
  1. Run the command to delete your DNS list:
python -m src leave

Method 2:

  1. Download the ZIP file of the repository from the 'Code' button on the GitHub page and select 'Download ZIP'.

  2. Unzip the downloaded file.

  3. Edit the values in .env and adlist.ini etc...

  4. Open Termux and enter the following commands to set up Python and necessary tools:

yes | pkg upgrade
yes | pkg install python-pip
termux-setup-storage

  1. Allow Termux to access storage.

  2. Navigate to the folder containing the unzipped source code:

cd storage/downloads/Cloudflare-Gateway-Pihole-main
  1. Run the command to upload (update) your DNS list:
python -m src run
  1. Run the command to delete your DNS list:
python -m src leave

If you encounter issues during setup, you can refer to termux-change-repo for changing Termux repositories.

Note

  • The limit of Cloudflare Gateway Zero Trust free is 300k domains, so remember to pay attention to the workflow logs. If it is exceeded, the script will stop.

  • If you have uploaded lists using another script, you should delete them using the delete feature of the uploaded script or delete them manually.

  • I have updated the feature to delete lists when you no longer need to use the script. Go to main.yml as follows:

      - name: Cloudflare Gateway Zero Trust 
        run: python -m src leave

Note from @minlaxz:

  1. Domain list style: I personally preferred the second one in blacklist styles, which is more readable and concise.
  2. Dynamic domain list: You can also update your dynamic (fluid) whitelist and blacklist using dynamic_blacklist.txt and dynamic_whitelist.txt.
  3. Deprecated using .env: Setting sensitive information inside a public repository is considered too dangerous, since any unwanted person could easily steal your Cloudflare credentials from that .env file.

🥂🥂 Cheers! 🍻🍻

About

Make ad blocking dns using Cloudflare Gateway Zero Trust

Topics

dns ad-blocking dns-blocking dns-adblock cloudflare-gateway

Resources

Readme
Activity

Stars

106 stars

Watchers

2 watching

Forks

194 forks
Report repository

Releases

No releases published

Contributors 4

  •  
  •  
  •  
  •  

Languages